<?php
    session_start();
    if (( $_POST['username'] != null ) && ( $_POST['password'] != null ) ) {
        $username_post = $_POST['username'];
        $password_post = $_POST['password'];

        /**@忽略当前行的所有报错*/
        $link = @mysqli_connect('localhost','root','123456','shopping',3306);
        /**设置字符集 */
        mysqli_set_charset($link,'utf8');
        /**判断连接是否成功 */
        if(mysqli_connect_errno($link)){
            die("连接错误的错误代码".mysqli_connect_errno().",连接失败原因描述:".mysqli_connect_error());
        }
        /**执行sql获取数据 */
        $res = mysqli_query($link,"select * from user where `username` =  '$username_post' ");
        $row = mysqli_fetch_assoc($res);
        //判断符合条件数量
        if(mysqli_num_rows($res) > 0){
            if ($row['password'] == $password_post) {
                //密码验证通过，设置session，把用户名和密码保存在服务端
                $_SESSION['username_session'] = $username_post;
                $_SESSION['password_session'] = $password_post;
                //最后跳转到登录后的欢迎页面 //注意：这里我们没有像cookie一样带参数过去
                header('Location: welcome.php');
            }else{
                exit('密码错误');
            }
        }else{
            exit('不存在该用户');
        }
    }
?>

<html>
    <head>
    <!-- 这里指明页面编码 -->
        <meta charset="utf-8">
    </head>
    <body>
        <form action="" method="POST">
            <div>
                用户名：<input type="text" name="username" />
                密  码：<input type="text" name="password" />
                <input type="submit" value="登录">		
            </div>
        </form>
    </body>
</html>